A quarter of businesses and organisations across the UK are unaware of forthcoming legislation that has been billed the “biggest shake-up of data protection law in 20 years”.

With just a year to go till the General Data Protection Regulation (GDPR) comes into effect – imposing strict new rules on the collection, storage and use of personal data – a survey commissioned by legal firm Brodies has found that 25 per cent are unaware of the new legislation.

Furthermore, almost half have yet to start preparing for it.

Read More

GDPR replaces the current Data Protection Act 1998, bringing with it strict new rules and higher fines for breaching those rules.

For example, the use of pre-ticked “opt in” boxes used on websites for marketing purposes will no longer be allowed. Instead, those handling personal data will be required to seek consent through “affirmative action” from individuals, and will have to explain to them how their data will be used, how long it will be kept and how it will be safeguarded.

Grant Campbell, head of Brodies commercial services division, said the results show that much remains to be done to get UK firms ready for GDPR compliance by May 2018.

“Personal data is the lifeblood of many organisations and, increasingly, how they handle that data is a matter of concern not just to regulators but to us all,” he said.

Read More

“Meeting the requirements of GDPR is a regulatory compliance issue but it also protects organisations from brand and other reputational damage, and that will be increasingly important if individuals are to trust them with their data and business.”